Java does not support Kerberos and therefore may not work with the proxy. This article describes how to force Java through a different proxy, other than the system settings proxy. Oracle Java supports NTLM authentication through proxies but does not support Kerberos. Given the widespread use of Java applets in websites, this can make switching to Kerberos difficult
Procedure
- Configure Kerberos authentication on the primary proxy port but also create a secondary port running NTLM authentication. See our help topic, Creating authentication policies.
- Use group policy to deploy a
.config
file to each workstation to:-
%WinDir%\Oracle\Java\Deployment\deployment.config
This file should contain two lines:-
deployment.system.config="http://<YOUR-INTRANET-SERVER>/deployment.properties"
- (URL to deployment file hosted on a web server)
-
deployment.system.config.mandatory=false
- (Set to true to enforce settings Java will not run if it cannot fetch the deployment file)
-
-
- Create a
deployment.properties
file to a web server accessible to all clients (typically, an internal intranet server). This file will contain any options you wish to configure for Java. - Add the following to
deployment.properties
to force Java to use a different proxy than the browser:-
deployment.proxy.bypass.list=<local_addresses_to_bypass_proxy>
- (For example,
deployment.proxy.bypass.list="10.0.1.1,smoothwall,smoothwall.local"
)
- (For example,
deployment.proxy.bypass.local=true
-
deployment.proxy.http.host=<smoothwall_IP_address>
- (For example,
deployment.proxy.http.host=10.0.1.1
)
- (For example,
-
deployment.proxy.http.port=<port_for_NTLM_authentication_policy>
- (For example,
deployment.proxy.http.port=9090
)
- (For example,
deployment.proxy.type=1
deployment.proxy.same=true
-
Tip: Use the same address and port for HTTPS/FTP traffic.
Note: If you are hosting the deployment.properties
file on an IIS web server, ensure you have added a text mime type for .properties
files otherwise the server will refuse to serve it. Further technical details on deploying Java can be found here: http://docs.oracle.com/javase/6/docs/technotes/guides/deployment/deployment-guide/properties.html.